This week we saw lots of interesting cyber security reports. We would love to cover all of them in depth, but we just don’t have the time. Here’s the top security reports that we missed out on this week.
- Norsk Hydro recently got hit with ransomware and BBC recently covered the aftermath of the attack. This five-minute video shows just how must devastation ransomware causes. If Norsk Hydro had appropriate backups, they could recover far sooner. https://www.bbc.com/news/av/technology-48707033/ransomware-cyber-attacks-are-targeting-large-companies-and-demanding-huge-payments
- A new tool came out to show hidden Active Directory (AD) privilege inheritance and how a malicious user might be able to move laterally inside your infrastructure. https://www.darknet.org.uk/2019/06/bloodhound-hacking-active-directory-trust-relationships
- In response to Iran shooting down a United States drone, the US and Iran allegedly launched cyber-attacks against each other. https://www.scmagazine.com/home/network-security/u-s-launched-cyberattacks-on-iranian-intel-targets-report
- A study shows that downloading from the official Google Play store doesn’t always mean the aps are secure. Researchers from the University of Sydney and Commonwealth Scientific and Industrial Research Organization’s Data61 found lots of malicious content on GooglePlay in a recent study. To help protect yourself, consider installing an Antivirus application on your phone. https://thenextweb.com/security/2019/06/24/study-google-play-is-riddled-with-thousands-of-data-stealing-counterfeit-apps/
- A security research group disclosed a GPS spoofing flaw in Tesla cars. They found attackers could easily exploit the vulnerability remotely. https://www.regulus.com/blog/tesla-model-3-spoofed-off-the-highway-regulus-researches-hack-navigation-system-causing-car-to-steer-off-road/ and https://insidegnss.com/tesla-model-s-and-model-3-prove-vulnerable-to-gps-spoofing-attacks-research-from-regulus-cyber-shows/
- Cybereason claims hackers have stolen tons of data from over a dozen global telecoms around the world. In their report, Cybereason claims that China supported these campaigns. https://www.cybereason.com/press/cybereason-uncovers-massive-state-sponsored-espionage-operation-leveraging-privately-owned-critical-infrastructure-companies
- Researchers from Finite State found more evidence that Huawei has not been prioritizing security during development of some of their products. https://www.scmagazine.com/home/security-news/vulnerabilities/huawei-products-riddled-with-backdoors-zero-days-and-critical-vulnerabilities/
- A Medium user going by the Mr. Robot alias Elliot Alderson, wrote about his findings while researching MFSocket, A Chinese surveillance app. The researcher found that police in Beijing and Shanghai were installing the malware on phones while “inspecting” them at a policy station. While we can’t recommend anything illegal, we would leave our cellphone at home if we travel through these parts. https://medium.com/@fs0c131y/mfsocket-a-chinese-surveillance-tool-58e8850c3de4
- The EU is preparing for Russian and Chinese cyber attacks by running cyber war games. https://www.theguardian.com/technology/2019/jun/27/eu-war-games-prepare-russia-china-cyber-attacks
- Researchers found critical vulnerabilities in Cisco and Kurbernetes products this week. Be sure to check if you are affected and patch ASAP! Cisco: https://www.zdnet.com/article/new-cisco-critical-bugs-9-810-severity-nexus-security-flaws-need-urgent-update/ Kurbernetes: https://www.zdnet.com/article/kubernetes-cli-tool-security-flaw-lets-attackers-run-code-on-host-machine/
If we missed any big stories, let us know in the comments below.